Mobile security testing approaches and challenges

Abstract

Mobile devices such as smartphones and tablets are widely used for personal and business purposes. A mobile device may carry sensitive data and becomes an easy target for cyber criminals. Mobile security is thus important. Mobile security testing targets to detect vulnerabilities and malicious apps on a mobile device. In this paper, we present four testing approaches for mobile security: mobile forensic, penetration test, static analysis, and dynamic analysis. A mobile security testing network is further demonstrated in the paper to evaluate the effectiveness of the four testing approaches. Our testing results indicate that mobile security testing tools are still in their early development stages and efforts are desired to improve these tools. We conclude the paper with a summary of mobile security testing challenges and future directions.